Srinagar: Besides Delhi-based Kashmiri journalists and a prominent civil society activist critical of official policy towards Jammu and Kashmir, more than 25 people from the Kashmir Valley were selected as potential targets of intrusive surveillance between 2017 and mid-2019 by an as yet unidentified government agency that is also believed to be a client of the Israeli company NSO Group, according to leaked records reviewed by The Wire.
The France-based journalism non-profit, Forbidden Stories, and international human rights advocacy group Amnesty International accessed a massive list of 50,000 numbers which are believed to have been selected as potential targets of surveillance by 10 countries. The records were then shared with a group of 16 media houses across the world –including The Wire – who worked collaboratively to investigate the scope of this intended or actual surveillance over several months in an initiative termed as the Pegasus Project
The numbers of key separatist leaders, politicians, human rights activists, journalists and business persons from Kashmir all figure in the snoop dragnet.
Of these, The Wire was able to conduct forensic analysis on the phones of two – separatist leader Bilal Lone and the late S.A.R. Geelani, who worked as a lecturer in Delhi University and died in 2018.
Lone’s phone data was examined by Amnesty International’s Security Lab. Even though this phone set was not the same as the one he used at the time his phone was potentially targeted as per the leaked database, forensic analysis revealed signs of Pegasus targeting. The signs appear in 2019, and are likely the outcome of a process initiated by an India-based client of the NSO Group.
The Israeli firm has denied that the records accessed by the Pegasus Project have anything to do with surveillance.
“It is not a list of targets or potential targets of NSO`s customers, and your repeated reliance on this list and association of the people on this list as potential surveillance targets is false and misleading,” NSO said in a letter to the Pegasus Project on Tuesday.
Before the government of India revoked Jammu and Kashmir’s special constitutional status in August 2019 and jailed hundreds of political opponents, dissidents and activists, Lone had formed a political outfit of his own, the Peoples Independent Movement, “to avoid confusion” with the Peoples Conference, which is headed by his brother Sajad Lone.
Bilal Lone told The Wire that he has since moved away from the political front for now and is instead focusing on the popular bakery which he owns near his heavily fortified residence in uptown Srinagar. As the forensic analysis shows, attempts to target his phone were made when he was still very much active in politics.
“I used to hear rumours about phone tapping. It never occurred to me that I also may be a target. But I am too small a person to do anything about it,” said Lone.
An Appeal: Support Investigative Journalism That Brings You The Truth. Support The Wire.
Geelani’s phone showed clear signs of Pegasus spyware activity between February 2018 and January 2019, forensic analysis showed, as The Wire has already reported. The days and months in which the infection was detected on his phone match with his appearance in the leaked data.
A zero click message exploit, which can deliver a malicious spyware payload without the user of the phone even having to interact with the message, was used on at least one occasion to attempt to infect the phone.
For the other potential targets in Kashmir it was not possible, for one reason or another, to conduct forensic analysis. As The Wire and its media partners have noted, the appearance of a number in the leaked database does not necessarily mean that the phone in question had been infected; but it does mean that the phone number was likely selected for potential surveillance.
Mehbooba Mufti’s family members
Others on the leaked database include at least two members of People’s Democratic party (PDP) chief and former chief minister of J&K Mehbooba Mufti’s family.
Their selection as potential targets of surveillance happened when Mufti was still chief minister of the erstwhile state and in a coalition with the BJP. In fact, Mufti’s family members were chosen for potential surveillance just months before the government collapsed as the BJP pulled out of the coalition in June 2018.
When asked if she thought there was a link, Mufti declined to comment.
She added that surveillance, as a concept, for Kashmiris is not new. “People are used to having their thoughts, ideas not only intercepted but even being punished for them.”
Brother of politician who is now close to BJP also selected
J&K Apni Party president Altaf Bukhari’s brother Tariq Bukhari also makes an appearance in the list and was of considerable interest to the agency which added his name between 2017 and 2019.
Altaf, formerly with the PDP, was a minister in the PDP-BJP government but was expelled from the party in 2019 for “anti-party activities”. After that, in 2020, he launched the Apni Party which is believed to have New Delhi’s blessings.
His brother, Tariq, who was the subject of potential surveillance, is a businessman and political leader who, in April 2019, was questioned by the National Investigation Agency in a ‘terror funding’ case. In the aftermath of the stripping of J&K’s autonomy in August 2019, he was one of the few prominent Kashmiris to back the Union government’s decision.
Also read: Dalai Lama’s Closest Advisors, Tibetan Officials Were Potential Targets of an NSO Group Client
In addition, at least four members of Kashmir’s most influential separatist leader Syed Ali Shah Geelani’s family – including his son-in-law, journalist Iftikhar Gilani and his son, scientist Syed Naseem Geelani – were of consistent interest to the Indian client of the NSO group between 2017 and 2019.
Naseem said over SMS that he feels that he could have been a target of potential surveillance “probably because of political views of my father”. The older Geelani apparently does not use a mobile phone.
The unprecedented leak also shows that the current head of the Hurriyat conference Mirwaiz Umar Farooq was a potential target of surveillance between 2017 and 2019. Farooq, as chief cleric of the Jamia Masjid, a 14th-century iconic religious centre situated in Srinagar city, is also a very key religious figure in the Valley.
The records reveal that Farooq’s driver too had possibly been a target of surveillance.
The Hurriyat Conference headed by Farooq is an amalgam of nearly two dozen Kashmiri separatist outfits that have participated in an official dialogue with the Indian government in the past.
It opposed the August 2019 decision to read down Article 370 of Indian Constitution which granted a degree of autonomy to Jammu and Kashmir.
Both Geelani and Farooq have been under house arrest since August 5, 2019, when J&K’s autonomy was scrapped and the state was bifurcated into two union territories.
When contacted by The Wire, a senior aide of Farooq’s said he was “disturbed” that his “fundamental rights have been put at stake”.
“It is an infringement of the right to privacy and a human rights violation. In J&K where even basic rights of an entire population remain suspended, it is unlikely there will be redressal,” the aide said, wishing to remain anonymous.
Journalists and civil society voices in the cross-hairs
Waqar Bhatti, a prominent human rights activist from the Valley, was also potentially a target of surveillance. Bhatti believes that he was possibly marked due to his activism.
“I am an activist from Kashmir. The government doesn’t like people who are involved in activism in Kashmir,” Bhatti told The Wire.
The Pegasus Project data also shows that at least five Kashmiri journalists – including Muzamil Jaleel of the Indian Express, Aurangzeb Naqshbandi with Hindustan Times at the time, Iftikhar Geelani formerly with DNA and Sumir Kaul of PTI – were also targeted in the cyber surveillance programme. The name of the fifth journalist is being withheld at their request. Shabir Hussain, a Delhi-based political commentator from Kashmir, is also in the list.
There appear to be certain patterns too. Jaleel and Naqshbandi appear in the database at the same time in mid 2018, while Kaul and Hussain appear together in early 2019.
Also read: Before Indian Soldiers Captured Dubai Princess on High Seas, UAE Zeroed in on Her Friends’ Numbers
Kaul is senior national editor at the Press Trust of India (PTI). He is based in Delhi and covers Kashmir for the press agency. “I am totally surprised to learn this,” he said.
Vijay Joshi, CEO and editor-in-chief of PTI, said that “if it’s true [that the phone was potentially a subject of surveillance], then we condemn it in the strongest terms because it would be a violation of an individual’s privacy and an assault on the freedoms granted by the Constitution.”
Joshi also urged the government to “be transparent and confirm whether or not it compromised our staff member’s phone.”
The telephone number of a highly-regarded Delhi-based civil society critic of the government’s Kashmir policy also features in the database for 2018 and 2019. The Wire verified the number but is withholding their identity at their request.
A prominent businessman based in the Valley was also of interest for potential surveillance, as was a Delhi-based businessman who is known to enjoy strong political contacts with all mainstream J&K parties. Their identities are being withheld on their request
The phone of a handicrafts businessman based in downtown Srinagar was also potentially targeted in the campaign. He refused to comment.
Among others selected for potential surveillance include an influential cleric associated with Mirwaiz-led Hurriyat and prominent separatist leader Zaffar Akbar Bhat.
The records also show that two social activists and a senior faculty membe at an agriculture science university in the region were also chosen for potential surveillance.
The Pegasus Project is a collaborative investigation that involves more than 80 journalists from 17 news organisations in 10 countries coordinated by Forbidden Stories with the technical support of Amnesty International’s Security Lab. Read all our coverage here.